CN102340455A - E-mail transmission method and reception method encrypted with fingerprint data - Google Patents

Abstract

A transmission method of an E-mail encrypted by fingerprint data and a receiving method thereof are disclosed. The E-mail transmission method is characterized in that: when a first computer transmits the E-mail, the E-mail is encrypted by using the fingerprint data of account number data corresponding to the E-mail; when a second computer receives the E-mail of the assigned account number data, the E-mail can be decrypted by using the fingerprint data of a second computer user; if decryption successes, the receiver is allowed to open the E-mail, otherwise, the receiver is forbidden to open the E-mail.

Description

Translated fromChinese

以指纹资料加密的电子邮件传送方法与接收方法E-mail transmission method and reception method encrypted with fingerprint data

【技术领域】【Technical field】

本发明关于一种电子邮件的安全传送方法与接收方法，特别是关于一种以指纹资料加密的电子邮件传送方法与接收方法，借由在发送端以指纹加密寄送电子邮件，再于收件端以收件端电脑使用者的指纹资料解密该电子邮件，以决定是否允许解密开启该电子邮件。The present invention relates to a method for securely transmitting and receiving emails, in particular to a method for transmitting and receiving emails encrypted with fingerprint data. The terminal decrypts the email with the fingerprint data of the recipient computer user to determine whether to allow decryption to open the email.

【背景技术】【Background technique】

由于电脑及网络科技不断演进，不论商业、工业等各领域的活动都已进入了数字化电子时代。传统纸本的信息传送方式已渐渐被数字化、电子化文件所取代。通过电子邮件及网络系统，人们可以很快速地传送电子信息。但在方便之余，电子邮件在发送/接收时的安全性已成为一个重要的课题。Due to the continuous evolution of computer and network technology, activities in various fields, such as business and industry, have entered the era of digital electronics. The traditional paper information transmission method has gradually been replaced by digital and electronic documents. Through e-mail and network systems, people can send electronic information very quickly. But apart from convenience, the security of e-mails when sending/receiving has become an important topic.

目前普遍使用的电子邮件应用程序，通常都设计有通讯录的功能。连络人员的各项相关资料如电话、地址、公司等都可以建置在通讯录中进行管理。目前电子邮件的使用，很平常的就是发送者若要寄送电子邮件给某一收件者，就由通讯录把想要寄送的指定收件者的电子邮件点选，然后指定该收件者作为欲传送电子邮件的收件者。收件者在通过电子邮件应用程序及网络系统收到该电子邮件后，可以开启电子邮件观看邮件内容。The currently commonly used email application programs are usually designed with the function of an address book. All relevant information of contact personnel such as phone number, address, company, etc. can be built in the address book for management. At present, the use of e-mail is very common. If the sender wants to send an e-mail to a certain recipient, the address book will select the e-mail of the designated recipient to be sent, and then specify the recipient. as the recipient of the email to be sent. After receiving the e-mail through the e-mail application program and network system, the recipient can open the e-mail to view the content of the e-mail.

然而，如果该电子邮件是需要保密的，一定要指定收件人才能打开的话，一般可能就是把资料用密码压缩，然后打电话通知收件人密码是多少，由收件人本人知道密码后才能打开。这样的操作方式造成了使用上的不便，且也并不一定能达到保密的目的。再者，目前有些电脑是多人共享，或是使用者在使用电脑收电子邮件但需暂时离开电脑时，而电子邮件应用程序忘了关闭的状况下，那就有可能使电子邮件失去了保密性及安全性。However, if the e-mail needs to be kept confidential and the recipient must be designated to open it, it is generally possible to compress the data with a password, then call the recipient to inform the recipient of the password, and the recipient can only open it after knowing the password. Open. Such an operation mode causes inconvenience in use, and does not necessarily achieve the purpose of confidentiality. Furthermore, some computers are currently shared by multiple people, or when the user is using the computer to receive emails but needs to leave the computer temporarily, and the email application program forgot to close, then the email may lose its confidentiality. sex and safety.

为了要增进电子邮件在发送/接收时的安全性，在先前技术中揭露了各种不同的电子邮件安全加密技术。例如在台湾发明专利号为I223951的专利中，其揭露了一种以电子邮件进行身份认证的系统及方法，其包括有寄信端、收信端及知识管理端，主要在寄信端寄出附加有文件档案的电子邮件给收信端的同时，一并传输收信密码、收信端地址及文件档案的文件地址，并在收信端收到电子邮件后，经由传递收信密码、收信端地址及文件地址予知识管理端验证后，才能够开启此文件档案，以增加电子邮件传输的安全性。In order to enhance the security of e-mails when sending/receiving, various e-mail security encryption technologies have been disclosed in the prior art. For example, in the patent of Taiwan Invention Patent No. I223951, it discloses a system and method for identity authentication by email, which includes a sending end, a receiving end and a knowledge management end, mainly at the sending end. When the e-mail with the file file attached is sent to the receiving end, the receiving password, the address of the receiving end and the file address of the file file are transmitted together, and after the receiving end receives the e-mail, it passes the receiving password, receiving Only after the terminal address and file address are verified by the knowledge management terminal can the file be opened to increase the security of email transmission.

又例如在台湾发明专利号为I267000的专利中，其揭露了一种显示电子邮件的方法，在电脑系统中建立成员列表及若干个群组列表的一资料库；产生所有电子邮件使用者的一对应表，其中该对应表为所有电子邮件使用者与该资料库的对应关系；启动一电子邮件监视模式；开启一电子邮件过滤程序；以及显示以特定指示方式由该电子邮件过滤程序后所对应的使用者。Another example is that in the patent of Taiwan Invention Patent No. I267000, it discloses a method for displaying e-mails, which establishes a database of member lists and several group lists in the computer system; produces a database of all e-mail users. A correspondence table, wherein the correspondence table is the correspondence between all email users and the database; an email monitoring mode is activated; an email filtering program is started; users.

又例如在台湾发明专利号为192853的专利中，其揭露了一种整合电子邮件加密/解密的方法，适用于使用者寄出一加密的电子邮件，首先，编写一电子邮件；其次，为上述电子邮件找出适用于加密的一公开机码；然后，以上述公开机码为上述电子邮件进行加密；最后，寄出上述加密完成的电子邮件。Another example is that in Taiwan's invention patent No. 192853, it discloses a method for integrating email encryption/decryption, which is suitable for users to send an encrypted email. First, write an email; secondly, for the above-mentioned The email finds out a public key suitable for encryption; then, encrypts the email with the public key; finally, sends the encrypted email.

本发明另揭示一种整合电子邮件加密/解密的方法，适用于使用者解读一收到的加密的电子邮件，首先，开启上述加密的电子邮件。其次，为上述加密的电子邮件找出一解密机码。最后，以上述解密机码为上述加密的电子邮件进行解密。The present invention also discloses an integrated email encryption/decryption method, which is suitable for a user to decipher a received encrypted email. First, the encrypted email is opened. Next, find out a decryption code for the above-mentioned encrypted e-mail. Finally, the above-mentioned encrypted email is decrypted with the above-mentioned decryption code.

【发明内容】【Content of invention】

虽然在先前技术中，已发展出各种不同的电子邮件安全发送/接收的技术，但这些技术仍无法满足使用者的需求，也不一定能真正达到邮件安全的要求。例如在前述先前专利案(台湾发明专利号I223951)中，其采用在电子邮件在发送时一并传输收信密码、收信端地址及文件档案的文件地址的技术中，事实上仍无法有效防止被他人以乱码扫描破解收信密码的问题。而在台湾发明专利号I267000中，电脑系统中建立成员列表及若干个群组列表的作法中，仅是以列表过滤使用者的作法，仍有可能被有心者以假冒使用者或侵入系统更动成员列表或群组列表而破解。又如台湾发明专利号192853中，其以一公开机码将电子邮件进行加密，再寄出加密完成的电子邮件，而收件者在收到电子邮件后，以一解密机码进行解密。此一技术同样也无法有效防止被他人以乱码扫描破密码的问题。Although various technologies for securely sending/receiving e-mails have been developed in the prior art, these technologies still cannot meet the needs of users, and may not really meet the requirements for e-mail security. For example, in the aforementioned previous patent case (Taiwan Invention Patent No. I223951), it adopts the technology of transmitting the receiving password, the address of the receiving end and the file address of the file file when the email is sent, but in fact it is still unable to effectively prevent The issue of receiving passwords being cracked by others scanning garbled characters. In Taiwan Invention Patent No. I267000, in the method of creating a member list and several group lists in the computer system, only the method of filtering users by the list may still be altered by those who wish to impersonate users or intrude into the system Member list or group list to crack. Another example is in the Taiwan Invention Patent No. 192853, which encrypts the email with a public machine code, and then sends the encrypted email, and the recipient decrypts it with a decryption code after receiving the email. This technology also cannot effectively prevent the problem of being cracked by others scanning the password with garbled characters.

因此，鉴于前述现有技术的缺失，本发明的一目的是以提供一种以接收者个人特征资料加密电子邮件的方式来达到电子邮件的发送/接收的安全性。Therefore, in view of the lack of the aforementioned prior art, an object of the present invention is to provide a method of encrypting emails with the recipient's personal characteristic data to achieve the security of sending/receiving emails.

本发明的另一目的是提供一种以接收者指纹资料加密的电子邮件传送方法，在第一电脑寄送电子邮件时即以一对应于电子邮件的账号资料的指纹资料将电子邮件予以加密，再寄送给收件者。Another object of the present invention is to provide a method for sending emails encrypted with the recipient's fingerprint data. When the first computer sends the email, the email is encrypted with a fingerprint data corresponding to the account data of the email. Send it to the recipient.

本发明的另一目的是提供一种以接收者指纹资料将电子邮件解密开启的方法，在收件者接收到以指纹加密的电子邮件时，仅能在收件端使用者的指纹资料对电子邮件解密成功状况下，才能允许开启该电子邮件。Another object of the present invention is to provide a method for decrypting and opening e-mails with the recipient's fingerprint data. Only when the email is decrypted successfully can the email be opened.

本发明所采用的技术手段为在第一电脑在编写完成电子邮件后，会以一对应于该电子邮件指纹资料给以加密，再将电子邮件以一预设的通讯协议，经由网络系统寄出。而第二电脑通过该网络系统接收该指定账号资料的电子邮件后，会以第二电脑使用者的指纹资料解密该电子邮件，若解密成功，则允许该收件者开启该电子邮件，否则禁止开启该电子邮件。The technical means adopted in the present invention is that after the first computer finishes compiling the email, it will encrypt it with a fingerprint data corresponding to the email, and then send the email with a preset communication protocol via the network system . After the second computer receives the e-mail of the specified account information through the network system, it will decrypt the e-mail with the fingerprint data of the user of the second computer. If the decryption is successful, the recipient is allowed to open the e-mail, otherwise it is prohibited. Open the email.

在较佳实施例中，可在电子邮件通讯录中的收件人个人资料上多建立一个指纹库，可以将通讯录中认为需要用到指纹辨识保护的收件者的指纹档案预先建立起来，以供日后寄送重要电子邮件给这些接收者时，加上指纹辨识的功能。In a preferred embodiment, an additional fingerprint library can be established on the recipient's personal data in the email address book, and the fingerprint files of the recipients in the address book that need to be protected by fingerprint identification can be pre-established. For sending important e-mails to these recipients in the future, add the function of fingerprint recognition.

本发明的设计，提供一种以接收者个人独特的特征资料加密电子邮件的方式，可有效达到电子邮件的发送/接收的安全性，完全克服了先前技术中无法防止被他人以乱码扫描破解收信密码、侵入系统更动资料等缺失。再者，本发明在电子邮件通讯录中的收件人个人资料中关联了指定收件者的指纹库，供日后要寄送重要电子邮件给这些接收者时，使用者只要简单的操作程序即可点选加入指纹辨识的功能，不仅具备高度安全性，也具备使用的简便性。而在收件者端，当收件者接收到以指纹加密的电子邮件时，仅能以收件者本人的指纹才能解密开启该电子邮件，否则禁止开启该电子邮件，从而提升了电子邮件开启的安全性。The design of the present invention provides a method of encrypting e-mails with the unique characteristic data of the recipient, which can effectively achieve the security of sending/receiving e-mails, and completely overcomes the inability to prevent others from scanning and deciphering emails with garbled codes in the prior art. Letter passwords, intrusion system modification data, etc. are missing. Furthermore, the present invention associates the fingerprint library of the designated recipient in the recipient's personal data in the email address book, so that when important emails are to be sent to these recipients in the future, the user only needs to operate a simple procedure. You can choose to add the function of fingerprint identification, which not only has high security, but also has the simplicity of use. On the recipient's side, when the recipient receives an email encrypted with a fingerprint, the email can only be decrypted and opened with the recipient's own fingerprint, otherwise the email is prohibited from being opened, thus improving the security of email opening. security.

本发明的其它目的及其功效，将借由以下的实施例及附图作进一步的说明。Other purposes and effects of the present invention will be further illustrated by the following embodiments and accompanying drawings.

【附图说明】【Description of drawings】

图1绘示本发明的系统示意图；Fig. 1 depicts a schematic diagram of the system of the present invention;

图2绘示账号资料与指纹资料的对应表；Fig. 2 shows the corresponding table of account data and fingerprint data;

图3绘示本发明在进行电子邮件的寄送时的流程图；Fig. 3 depicts the flow chart of the present invention when sending emails;

图4绘示本发明在进行电子邮件的接收辨识时的流程图。FIG. 4 shows a flow chart of the present invention when identifying emails received.

【具体实施方式】【Detailed ways】

参阅图1所示，其绘示本发明的系统示意图。如图所示，一第一电脑1通过一网络系统2可与一第二电脑3进行电子邮件的发送/接收。第一电脑1在进行电子邮件的发送/接收时，可利用一般商用的第一邮件程序11(例如MicrosoftOutlook或Outlook Express等)。Referring to FIG. 1 , it shows a schematic diagram of the system of the present invention. As shown in the figure, afirst computer 1 can send/receive emails with asecond computer 3 through a network system 2 . Thefirst computer 1 can utilize the first mail program 11 (such as Microsoft Outlook or Outlook Express, etc.) that is generally commercially available when sending/receiving emails.

第一邮件程序11中包括有一通讯录13，可储存有若干笔账号资料。一指纹库14可储存有若干笔指纹资料。加密元件16可用来提供电子邮件12的加密处理功能，其中加密元件16不限于硬件装置，亦可为软件或韧件。图2绘示账号资料与指纹资料的对应表。Thefirst mail program 11 includes anaddress book 13, which can store several account information. Afingerprint library 14 can store several fingerprint data. Theencryption element 16 can be used to provide the encryption processing function of theemail 12, wherein theencryption element 16 is not limited to a hardware device, and can also be software or firmware. FIG. 2 shows a correspondence table between account data and fingerprint data.

网络系统2可为一因特网系统或是一局域网络系统。第一电脑1及第二电脑3可通过第一网络界面21、第二网络界面22分别连结于网络系统2，以一预定的通讯协议15(例如采用SMTP通讯协议或其它通讯协议)进行电子邮件12的发送/接收或是网络资源的存取。在网络系统2中也可包括有一服务器23，用以接收该第一电脑1所传送的电子邮件12、以及将该电子邮件12传送至第二电脑3的指定收件者。The network system 2 can be an Internet system or a local area network system. Thefirst computer 1 and thesecond computer 3 can be connected to the network system 2 respectively through thefirst network interface 21 and thesecond network interface 22, and carry out emails with a predetermined communication protocol 15 (such as adopting SMTP communication protocol or other communication protocols) 12 transmission/reception or access to network resources. The network system 2 may also include aserver 23 for receiving theemail 12 sent by thefirst computer 1 and sending theemail 12 to the designated recipient of thesecond computer 3 .

第二电脑3亦预先安装有第二邮件程序31。第二电脑3接收到的电子邮件12会储存在第二电脑3的储存装置(例如硬盘)的指定位置。在本发明的设计中，第二电脑3中包括有一辨识器F，可供用来取得第二电脑3使用者的指纹资料。只有在第二电脑使用者的指纹资料对接收的电子邮件解密成功时，才允许收件者开启该电子邮件。其中解密元件32不限于硬件装置，亦可为软件或韧件。Thesecond computer 3 is also pre-installed with asecond mail program 31 . Theemail 12 received by thesecond computer 3 will be stored in a designated location of the storage device (such as a hard disk) of thesecond computer 3 . In the design of the present invention, thesecond computer 3 includes an identifier F, which can be used to obtain the fingerprint data of the user of thesecond computer 3 . Only when the fingerprint data of the user of the second computer successfully decrypts the received email, the recipient is allowed to open the email. The decryption component 32 is not limited to a hardware device, but can also be software or firmware.

以下将对本发明的具体步骤作进一步的说明。同时参阅图1、2、3所示，首先在第一电脑1中建置有若干笔账号资料及对应于该账号资料的指纹资料(步骤s101)。使用者在第一电脑1以预定邮件格式编写完成电子邮件12时(步骤s102)，会指定该电子邮件12的至少一账号资料(步骤s103)作为电子邮件12的收件者资料。The specific steps of the present invention will be further described below. 1, 2, and 3 at the same time, firstly, a number of account data and fingerprint data corresponding to the account data are built in the first computer 1 (step s101). When the user completes writing theemail 12 in the predetermined email format on the first computer 1 (step s102 ), he will designate at least one account information of the email 12 (step s103 ) as the recipient information of theemail 12 .

此时，使用者可以选择决定该电子邮件12是否要以指纹资料加密的型态寄送(步骤s104)。当选择需将电子邮件12以指纹资料加密的型态寄送时，即由指纹库14中取得对应于该指定账号资料的指纹资料(步骤s105)，并由加密元件16以该指纹资料将电子邮件12予以加密(步骤s106)。以指纹资料加密电子邮件时，可运用撷取指纹后或再经转换后的数字资料进行加密，亦可运用原始指纹影像的模拟资料进行加密。At this time, the user can choose whether to send theemail 12 with fingerprint data encrypted (step s104 ). When selecting to send theelectronic mail 12 with fingerprint data encryption, the fingerprint data corresponding to the specified account data is obtained from the fingerprint library 14 (step s105), and the electronic mail is encrypted by theencryption element 16 with the fingerprint data. Themail 12 is encrypted (step s106). When encrypting e-mails with fingerprint data, the digital data after fingerprint capture or conversion can be used for encryption, or the analog data of the original fingerprint image can be used for encryption.

在指纹加密的技术中，一般作法是经过指纹资料撷取、指纹图形的最佳化调整、找出指纹特征点(Minutia)、资料数字化、资料储存、以指纹资料加密电子邮件等步骤。In the technology of fingerprint encryption, the general practice is to go through the steps of fingerprint data capture, optimal adjustment of fingerprint graphics, finding fingerprint feature points (Minutia), data digitization, data storage, and encrypting emails with fingerprint data.

在取得标的指纹资料时，目前作法是利用指纹输入装置(Finger PrintInput Device)将指纹的图形及其它相关特征撷取下来。指纹输入装置概可分为光学式感应器(CCD)及半导体式感应器(COMS)，其中光学式感应器(CCD)虽然具有易受外界光线影响导致无法取像或取像不完整或聚焦偏离的问题，但具有优越的取像速度及抗静电的特性。而半导体感应器的取样是以实际接触面所量得的数值做登录的资料，故半导体感应器对于生物特性的捕捉远远优于光学式感应器。When obtaining the fingerprint data of the target, the current practice is to use a fingerprint input device (Finger PrintInput Device) to capture the graphics and other relevant features of the fingerprint. Fingerprint input devices can be divided into optical sensors (CCD) and semiconductor sensors (COMS). Although optical sensors (CCD) are easily affected by external light, image capture is impossible or incomplete, or the focus is off. problem, but has superior imaging speed and antistatic properties. The sampling of semiconductor sensors is based on the values measured on the actual contact surface as the registered data, so the capture of biological characteristics by semiconductor sensors is far better than that of optical sensors.

指纹输入装置所撷取下来的指纹图形及相关特征，可以进一步进行指纹图形的最佳化调整。一般作法是以指纹辨识系统中所建置的软件引擎执行质量检查(Quality Control)及AGC自动增益控制(Automatic Gain Control)，以使指纹图形得到最佳化的调整。The fingerprint pattern and related features captured by the fingerprint input device can further optimize the adjustment of the fingerprint pattern. The general practice is to implement quality control (Quality Control) and AGC automatic gain control (Automatic Gain Control) with the software engine built in the fingerprint identification system, so that the fingerprint pattern can be adjusted optimally.

当撷取到具有预定质量的指纹图形后，需将该指纹图形及相关特征运用程序运算及统计，找出该指纹的特征点。在撷取指纹的特征点时，其指纹特征点指的是指纹的交叉点以及指纹的断点。当软件引擎找到这些指纹特征点后，它会将特征点与特征点之间的向量关系储存下来，以作为指纹比对的依据。After capturing a fingerprint pattern with a predetermined quality, it is necessary to use a program to calculate and count the fingerprint pattern and related features to find out the feature points of the fingerprint. When extracting the feature points of the fingerprint, the fingerprint feature points refer to the intersection points of the fingerprint and the break points of the fingerprint. When the software engine finds these fingerprint feature points, it will store the vector relationship between feature points and feature points as the basis for fingerprint comparison.

指纹的生物模拟资料可转为数字资料，而后再依此数字资料进行加/解密。在储存指纹资料时，储存在指纹库14的指纹资料通常是指纹撷取后或再经转换后的数字资料(资料量小，加密快速)，但也可为原始指纹影像的模拟资料(资料量大，加密较慢)。为了要节省资料储存容量，可以将指纹资料以现有资料压缩的技术进行资料压缩。Biometric data of fingerprints can be converted into digital data, and then encrypted/decrypted based on the digital data. When storing fingerprint data, the fingerprint data stored in thefingerprint database 14 is usually the digital data after the fingerprint is captured or converted (the amount of data is small, and the encryption is fast), but it can also be the analog data of the original fingerprint image (the amount of data is fast). large, slower encryption). In order to save data storage capacity, the fingerprint data can be compressed using existing data compression technology.

使用者在编写完成预定邮件格式的电子邮件12后，可以由建置在第一电脑1中的通讯录13指定欲寄送的账号资料，并以对应于该账号资料的指纹资料加密电子邮件。After the user writes thee-mail 12 in the predetermined e-mail format, theaddress book 13 built in thefirst computer 1 can specify the account data to be sent, and encrypt the e-mail with the fingerprint data corresponding to the account data.

以指纹资料加密电子邮件的方法中，可以采用不同类型的资料加密技术。例如对称式加解密方法(Symmetric Key Cryptosystem)是目前应用频率最高的一种加解密机制，在已知的对称式加密方法的加/解密技术中，包括有例如资料加密标准(Data Encryption Standard，DES)、国际资料加密算法(InternationalData Encryption Algorithm，IDEA)、RC4(Route Coloniale 4，)加密算法、RC5(Route Coloniale 5，)加密算法等不同方式。In the method of encrypting emails with fingerprint data, different types of data encryption techniques can be used. For example, the Symmetric Key Cryptosystem (Symmetric Key Cryptosystem) is currently the most frequently used encryption and decryption mechanism. Among the encryption/decryption technologies of known symmetric encryption methods, there are, for example, the Data Encryption Standard (Data Encryption Standard, DES ), International Data Encryption Algorithm (IDEA), RC4 (Route Coloniale 4,) encryption algorithm, RC5 (Route Coloniale 5,) encryption algorithm and other different methods.

在对称式加解密方法中，其中发送方(第一电脑)会产生一把金钥(Key)，由许多位所组成，并用这把金钥与指纹资料与邮件资料做数字运算，用以产生包括有指纹资料加密后的电子邮件。当这份指纹资料加密后的电子邮件传送到接收方(第二电脑)后，收件者必须运用同一把金钥将资料还原，以便解读电子邮件的原资料内容。因此当网络双方进行电子邮件秘密通讯时，只要他们都必须拥有同一把金钥，即可由发送方将资料加密，再由接收方用同一把金钥资料还原，如此一来便可以确保电子邮件的机密性。In the symmetric encryption and decryption method, the sender (the first computer) will generate a key (Key), which is composed of many bits, and use the key to perform digital operations with fingerprint data and mail data to generate Including encrypted emails with fingerprint data. After the encrypted email of the fingerprint data is sent to the recipient (the second computer), the recipient must use the same key to restore the data in order to decipher the original content of the email. Therefore, when two parties on the network conduct secret email communication, as long as they both have the same key, the sender can encrypt the data, and then the receiver can restore the data with the same key, so that the email can be guaranteed. confidentiality.

除了使用对称式加解密方法进行加密之外，亦可采用非对称式加解密方法(Asymmetric Key Cryptosystem)，此一技术又称为公开金钥加密法(Public KeyEncryption)，与对称式加解密方法最大的不同点在于加密与解密所使用的金钥是不同的，因此使用者必须先产生一对金钥，一把用来加密，而相对的另一把用来解密。在已知的非对称式加密方法的加/解密技术中，包括有例如RSA密码系统(Rivest Shamir and Adleman，RSA)、背包密码系统(Knapsack public keycryptosystem)、McEliece密码系统(McEliece cryptosystem)、D-H密钥交换(Diffie-Hellman Key Exchange)密码系统、Rabin密码(Rabin Cryptosystem)、零知识证明(Zero-knowledge Proof)密码系统、椭圆曲线密码系统(EllipticCurve Cryptosystem)、ELGamal密码系统等不同密码系统。In addition to using symmetric encryption and decryption methods for encryption, asymmetric encryption and decryption methods (Asymmetric Key Cryptosystem) can also be used. This technology is also called Public Key Encryption (Public Key Encryption). The difference is that the keys used for encryption and decryption are different, so the user must first generate a pair of keys, one for encryption and the other for decryption. Among the encryption/decryption technologies of known asymmetric encryption methods, there are, for example, RSA cryptosystem (Rivest Shamir and Adleman, RSA), backpack cryptosystem (Knapsack public keycryptosystem), McEliece cryptosystem (McEliece cryptosystem), D-H cryptosystem Different cryptosystems such as Diffie-Hellman Key Exchange cryptosystem, Rabin Cryptosystem, Zero-knowledge Proof cryptosystem, Elliptic Curve Cryptosystem, ELGamal cryptosystem, etc.

以非对称式加解密方法加密电子邮件时，其作法是：假设发送方想传送机密电子邮件资料给接收方，这时接收方必须先产生一对金钥，其中一把为公钥用以加密，一把为私钥用以解密，并由接收方将公钥传给发送方做为加密的钥匙。这时发送方便可利用这把公钥将电子邮件资料内容做加密，将密文传送给接收方。接收方在收到密文后用自己的私钥将密文解开，便可得到原本的电子邮件信息内容，如此一来便完成了网络上机密资料交换的程序。这两把金钥基本上是对应用，少了任何一把就无法完成整个作业。其中一把可以向他人公开的称为公钥(Public Key)，另一把不可公开的称为私钥(Private Key)。When encrypting e-mails with asymmetric encryption and decryption methods, the method is as follows: suppose the sender wants to send confidential e-mail data to the receiver. At this time, the receiver must first generate a pair of keys, one of which is a public key for encryption. , one is the private key for decryption, and the receiver passes the public key to the sender as the encryption key. At this time, the sender can use the public key to encrypt the content of the email data and send the ciphertext to the receiver. After receiving the ciphertext, the receiver uses his own private key to decrypt the ciphertext, and then he can get the original content of the e-mail message, thus completing the procedure of exchanging confidential information on the network. These two keys are basically for the application, and the whole operation cannot be completed without any one. One of them is called the public key (Public Key) that can be disclosed to others, and the other one is called the private key (Private Key).

在完成电子邮件12的加密步骤之后，接着即可将电子邮件12以指纹资料加密的型态，经由网络系统2寄出(步骤s107)。若使用者选择不需将电子邮件12以指纹资料加密的型态寄送时，则电子邮件12即经由网络系统2直接寄出(步骤s108)。After the encryption step of theemail 12 is completed, theemail 12 can be sent via the network system 2 in the form of fingerprint data encryption (step s107 ). If the user chooses not to send theemail 12 with fingerprint data encrypted, theemail 12 is sent directly via the network system 2 (step s108 ).

当电子邮件寄出后，参阅图4所示，第二电脑3可通过该网络系统2接收指定账号资料的电子邮件(步骤s201)。当第二电脑3已接收到电子邮件12后，即借由辨识器F取得第二电脑3使用者的指纹资料(步骤s202)，并以第二电脑使用者的指纹资料解密电子邮件(步骤s203)。同样地，以第二电脑使用者的指纹资料进行解密时，可运用撷取指纹后或再经转换后的数字资料进行解密，亦可运用原始指纹影像的模拟资料进行解密。After the e-mail is sent, as shown in FIG. 4 , thesecond computer 3 can receive the e-mail specifying the account data through the network system 2 (step s201 ). After thesecond computer 3 has received theemail 12, it obtains the fingerprint data of the user of thesecond computer 3 by means of the identifier F (step s202), and decrypts the email with the fingerprint data of the user of the second computer (step s203 ). Similarly, when the fingerprint data of the second computer user is used for decryption, the digital data after the fingerprint is captured or converted can be used for decryption, and the analog data of the original fingerprint image can also be used for decryption.

在步骤s203中，当以第二电脑使用者的指纹资料解密成功时，即允许收件者开启该电子邮件(步骤s204)。而当第二电脑使用者的指纹资料解密失败时，则禁止收件者开启该电子邮件(步骤s205)。In step s203, when the decryption is successful with the fingerprint data of the second computer user, the recipient is allowed to open the email (step s204). And when the decryption of the fingerprint data of the second computer user fails, the recipient is prohibited from opening the email (step s205).

以上的实施例虽然是以指纹资料加密电子邮件作为本发明的较佳实施例，在实际的应用时，本发明的技术仍适用于以其它的收件者个人的人体生物特征资料来加密电子邮件，例如该人体特征资料可包括眼睛虹膜特征、掌纹、声纹等，都可达到如同本发明的相同目的及功效。Although the above embodiments use fingerprint data to encrypt e-mails as a preferred embodiment of the present invention, in actual application, the technology of the present invention is still applicable to encrypting e-mails with other recipients' personal biometric data For example, the human body feature data can include iris features, palm prints, voice prints, etc., all of which can achieve the same purpose and effect as the present invention.

再者，电子邮件由于需加/解密后寄给各个不同的收件者，有若干收件者时则会同时产生等同收件者数目的多封电子邮件，每一电子邮件各别需以指定的收件者指纹进行加/解密，也可用加/解密技术中的公钥与私钥进行电子邮件的加解密。Furthermore, since emails need to be encrypted/decrypted and sent to different recipients, when there are several recipients, multiple emails equal to the number of recipients will be generated at the same time, and each email needs to be specified in The recipient's fingerprint can be encrypted/decrypted, and the public key and private key in the encryption/decryption technology can also be used to encrypt and decrypt emails.

以上的实施例说明，仅为本发明的较佳实施例说明，凡精于此项技术者当可依据本发明的上述实施例说明而作其它种种的改良及变化。然而这些依据本发明实施例所作的种种改良及变化，当仍属于本发明的发明精神及以下所界定的专利范围内。The above descriptions of the embodiments are only the descriptions of the preferred embodiments of the present invention, and those who are skilled in the art can make other various improvements and changes based on the above descriptions of the embodiments of the present invention. However, the various improvements and changes made according to the embodiments of the present invention should still belong to the inventive spirit of the present invention and the scope of patents defined below.

Claims (15)

1. an electron post transmission method of encrypting with fingerprint data is characterized in that it comprises the following steps:

(a) write an Email at one first computer with a predetermined mail format;

(b) specify the number of the account data of this Email;

(c) this Email is encrypted corresponding to the fingerprint data of this number of the account data with one;

(d) with this Email with a preset communications protocol, send via network system.

2. the electron post transmission method of encrypting with fingerprint data according to claim 1 is characterized in that, step (a) is included in to build in this first computer and puts at least one number of the account data and corresponding to the fingerprint data of this number of the account data before.

3. the electron post transmission method of encrypting with fingerprint data according to claim 1 is characterized in that in the step (c), this Email is encrypted with the symmetrical expression encipher-decipher method.

4. the electron post transmission method of encrypting with fingerprint data according to claim 3; It is characterized in that; This symmetrical expression encipher-decipher method comprises data encryption standard (Data Encryption Standard; DES), international data AES (International Data Encryption Algorithm, IDEA), one of RC4 AES (Route Coloniale 4), RC5 AES (Route Coloniale 5).

5. the electron post transmission method of encrypting with fingerprint data according to claim 1 is characterized in that in the step (c), this Email is encrypted with the asymmetric encipher-decipher method.

6. the electron post transmission method of encrypting with fingerprint data according to claim 5; It is characterized in that; This asymmetric encipher-decipher method comprises one of following cryptographic system of utilization: (the Rivest of rsa cryptosystem system; Shamir and Adleman, RSA), knapsack cipher system (Knapsack public key cryptosystem), McEliece cryptographic system (McEliece Cryptosystem), D-H key change (Diffie-HellmanKey Exchange) cryptographic system, Rabin password (Rabin Cryptosystem), zero-knowledge proof (Zero-knowledge Proof) cryptographic system, elliptic curve cipher system (Elliptic CurveCryptosystem), ELGamal cryptographic system.

7. the electron post transmission method of encrypting with fingerprint data according to claim 1 is characterized in that, in the step (c), when encrypting this Email with this fingerprint data, comprise behind the utilization picking up fingerprint or again the numerical data after changing encrypt.

8. the electron post transmission method of encrypting with fingerprint data according to claim 1 is characterized in that, in the step (c), when encrypting this Email with this fingerprint data, the simulation data that comprises utilization original fingerprint image is encrypted.

9. an E-mail receiving method of encrypting with fingerprint data is characterized in that, comprises the following steps:

(a) cross the Email that a network system receives a number of the account data by one second computer expert, in this Email, include a Mail Contents with the fingerprint data encryption;

(b) obtain this second computer user's fingerprint data with an identifier;

(c) decipher this Email with this second computer user's fingerprint data;

(d) if during to this Email successful decryption, then allow this receiver to open this Email, otherwise forbid opening this Email with this second computer user's fingerprint data.

10. the E-mail receiving method of encrypting with fingerprint data according to claim 9 is characterized in that in the step (c), this Email is deciphered with the symmetrical expression encipher-decipher method.

11. the E-mail receiving method of encrypting with fingerprint data according to claim 10; It is characterized in that; This symmetrical expression encipher-decipher method comprises data encryption standard (Data Encryption Standard; DES), international data AES (International Data Encryption Algorithm, IDEA), one of RC4 (Route Coloniale 4) AES, RC5 (Route Coloniale 5) AES.

12. the E-mail receiving method of encrypting with fingerprint data according to claim 9 is characterized in that in the step (c), this Email is deciphered with the asymmetric encipher-decipher method.

13. the E-mail receiving method of encrypting with fingerprint data according to claim 12; It is characterized in that; This asymmetric encipher-decipher method comprises one of following cryptographic system of utilization: (the Rivest of rsa cryptosystem system; Shamir and Adleman, RSA), knapsack cipher system (Knapsack Public KeyCryptosystem), McEliece cryptographic system (McEliece Cryptosystem), D-H key change (Diffie-Hellman Key Exchange) cryptographic system, Rabin password (Rabin Cryptosystem), zero-knowledge proof (Zero-knowledge Proof) cryptographic system, elliptic curve cipher system (EllipticCurve Cryptosystem), ELGamal cryptographic system.

14. the E-mail receiving method of encrypting with fingerprint data according to claim 9; It is characterized in that; In the step (c), during with this Email of this second computer user's fingerprint data deciphering, comprise behind the utilization picking up fingerprint or again the numerical data after changing decipher.

15. the E-mail receiving method of encrypting with fingerprint data according to claim 9; It is characterized in that; In the step (c), when deciphering this Email with this second computer user's fingerprint data, the simulation data that comprises utilization original fingerprint image is deciphered.

Images